In the first part of this series, we recounted India’s regulatory response to cryptocurrencies. We then highlighted traditional arguments supporting regulation and explored the difficulties regulators face, namely that cryptocurrencies do not constitute a single, uniform asset class. We argued that its plurality complicates attempts to regulate them within existing legal frameworks.
Before turning to the regulatory question in greater detail, it is useful to step back and examine how this ecosystem has evolved. The transformation of cryptocurrencies from Bitcoin’s originally envisioned electronic cash system to the far more complex ecosystem that exists today provides important context for understanding how these systems operate, what they enable, and why traditional regulatory regimes struggle to accommodate them. An appreciation of the technological origins and their layered architecture is essential to avoid regulatory responses that might stifle innovation or undermine the technological and financial possibilities that these systems offer.
Cryptocurrency first emerged in 2008 with Satoshi Nakamoto’s famous white paper titled Bitcoin: A Peer-to-Peer Electronic Cash System. Bitcoin was designed to enable peer-to-peer (P2P) transactions without relying on a bank or other intermediary. Bitcoin originated in the wake of the 2008 financial crisis, when trust in financial institutions had been deeply shaken.
Bitcoin operates on a public, digital ledger called blockchain that records every transaction made using its native currency, bitcoin (lowercase ‘b’), i.e., the digital unit of value used within the network. This blockchain is decentralised, with no central authority owning or controlling it. Technically, anyone with the necessary infrastructure can join the system to collectively validate and record transactions.
Unlike traditional financial systems that rely on centralised intermediaries such as banks to validate transactions, blockchain relies on cryptographic verification (the use of mathematical algorithms to confirm the authenticity of data) and consensus to ensure the integrity of transactions without a central intermediary. Each transaction is digitally signed with the sender’s private key, and network participants automatically verify the signature to confirm that the transaction is authorised and valid. This decentralised architecture fundamentally distinguishes Bitcoin from traditional financial systems. Blockchain’s infrastructure is designed to be out of the reach of intermediaries and regulators.
While Bitcoin was revolutionary in its endeavour to replace trust with technology, its application was limited to its decentralised ledger function. Its success led to several new iterations, all of which were faithful to its intent of functioning as a decentralised payment system. This changed with the emergence of the Ethereum network.
The Ethereum white paper envisioned that decentralised networks have utility beyond simply recording ownership of a native currency. Ethereum was designed as a programmable blockchain on which users could execute smart contracts and run decentralised applications (dApps). The introduction of smart contracts and dApps was a transformative moment. It exponentially amplified the potential of decentralised networks by enabling them to replicate functions traditionally performed by financial institutions and other service providers without any centralised intermediary.
The mutation from Bitcoin’s ledger system to Ethereum’s programmable blockchain, and subsequent mutations thereafter, complicate its regulatory oversight. To better understand its regulatory challenges, we explore this technology through its different layers in the next segment.
Cryptocurrency networks are not monolithic systems but are composed of distinct technological layers that perform different functions within the ecosystem. At the foundation lies the protocol layer, which governs how transactions are validated and recorded on the blockchain. Built upon this is the programmable layer, which enables the execution of smart contracts and dApps. The tokenisation layer enables the creation and representation of digital assets on these networks, while the interoperability layer facilitates the transfer of assets and data across different blockchain systems.
A similar layered structure can be observed in traditional finance. For instance, within the Indian financial system, core settlement infrastructure such as RTGS and NEFT forms the foundational layer upon which payment interfaces such as UPI operate, which in turn facilitate the wide range of financial products and services we use daily, such as peer-to-peer transfers, merchant payments, and bill payments. Cryptocurrency networks exhibit a comparable layered architecture, where an underlying protocol supports programmable applications, tokenised assets, and systems enabling interaction across different networks. Viewing cryptocurrency technology in this layered manner allows regulators to identify more precisely where legal oversight may be appropriate.
Protocol Layer
This layer forms the foundation of any cryptocurrency network. At this level, the system consists of open-source code that determines how the network operates. Open-source code is software whose underlying code is publicly available for anyone to use, modify, and distribute. The code governs how transactions are validated, how new blocks are added to the blockchain, and how participants interact with the system. Once deployed, the protocol operates across a distributed network of nodes that collectively maintain the system. Because this infrastructure is decentralised and open source, no single entity exercises meaningful control over it, and that’s the catch.
This layer poses a fundamental challenge for regulators. Since the protocol operates as open-source software spread across a globally distributed network of nodes, no single entity holds meaningful control over it. Regulatory frameworks are conventionally premised on the existence of an identifiable, controllable intermediary, a premise that is fundamentally antithetical to the infrastructure of blockchain networks. Even if the original developers can be identified, the protocol typically continues to function independently.
For these reasons, direct regulation at the protocol level is generally impractical. It may also be undesirable. At best, regulators may attempt to influence this layer indirectly by overseeing entities involved in developing or maintaining the software.
Programmable Layer
This layer enables the execution of automated instructions through smart contracts. Smart contracts are code that enable direct execution when predefined conditions are met. There are no central intermediaries who enable execution. They execute without human touch. Smart contracts have enabled a wide range of financial services on blockchain.
Its potential and use case are best illustrated with an example. Consider a cross-border trade finance transaction. Today, an Indian MSME exporter must rely on a bank to issue a letter of credit, a correspondent bank abroad to verify it, and multiple intermediaries to release payment. This process takes days, and there are fees at every step. A smart contract can automate this entirely. Once a shipping document is uploaded and verified on-chain, i.e., confirmed by the network as authentic and meeting the predefined conditions coded into the smart contract, payment releases automatically to the exporter’s wallet, with no bank involved. This is not merely a hypothetical; platforms like Contour and Marco Polo already do this for trade finance.
However, this development also complicates regulatory oversight. Financial activities such as lending, trading, asset management, etc., generally involve identifiable financial institutions. However, decentralised finance (DeFi) enables similar functions through self-executing code operating on a blockchain. As a result, the programmable layer challenges a core assumption of traditional financial regulation, i.e., that financial services can always be linked to a clearly identifiable service provider.
Tokenisation Layer
Tokenisation refers to the creation of digital assets on top of blockchain networks. These tokens may serve different purposes. Some are designed to act as digital currencies within specific networks. For example, Ether is used on the Ethereum network to pay transaction fees and operate applications on the Ethereum blockchain. Others provide access to particular services within a network, such as Basic Attention Token, which is used within the Brave browser ecosystem to reward users and content creators. Certain tokens confer governance rights within decentralised systems, allowing holders to participate in decision-making regarding the operation of protocols. Examples include Uniswap’s UNI token and MakerDAO’s MKR token. In other cases, tokens may represent claims linked to real world assets such as real estate, commodities, or other financial instruments. For instance, projects such as RealT in the United States have experimented with tokenised interests in real estate, while tokens such as PAX Gold (PAXG) represent ownership claims over physical gold held in custody.
Tokenisation can significantly alter the economic characteristics of assets. Traditionally, ownership of assets such as real estate has been inherently illiquid, as such assets cannot easily be divided and sold in smaller portions. Tokenisation has the potential to change this by enabling fractional ownership through digital tokens. For example, the market value of a property could be represented by a large number of digital tokens, each reflecting a small fractional interest in the underlying asset and capable of being traded on a digital platform. This would allow investors to acquire relatively small stakes in assets that would otherwise require substantial capital, while enabling the asset owner to unlock liquidity without having to sell the entire property. Similar models have already been implemented for certain commercial real estate assets in jurisdictions such as the United States, such as RealT and Lofty, which are currently being explored through pilot initiatives in India.
From a regulatory perspective, tokens frequently blur the boundaries between existing legal categories such as securities, commodities, payment instruments, and digital goods. As explained above, different tokens operate differently. Some tokens can function primarily as speculative investment assets, while others serve technical purposes within a network, such as governance. Forcing tokens into pre-existing legal categories without accounting for their functional differences creates a real risk of regulatory misfit, whether by capturing instruments that warrant no oversight or by failing to capture those that do.
Network Interoperability Layer
The final layer concerns interoperability between different blockchain networks. As the cryptocurrency ecosystem has evolved, numerous blockchain networks have emerged, each operating with its own protocols and digital assets. Interoperability layers attempt to bridge these networks by allowing assets and data to move between them. As a result, digital assets created on one blockchain may be transferred, utilised, or exchanged on another. These mechanisms include cross-chain bridges, wrapped tokens, and interoperability protocols that connect separate blockchain environments.
For example, a user holding a stablecoin such as USDC on Ethereum may wish to use the same asset on another network where different use cases are available. Through a bridge, the user can send the asset to a protocol that locks it on Ethereum and simultaneously creates an equivalent representation of that asset on the destination blockchain. The user can then utilise that asset within the second network's ecosystem.
From a regulatory perspective, such cross-chain functionality introduces significant complexity. A single transaction may involve multiple blockchain networks, bridge protocols, and participants located in different jurisdictions. In addition, cross-chain systems may involve a combination of automated protocols and custodial intermediaries, which further complicates questions of responsibility and oversight. This creates a fragmented environment in which assets can move across networks, bypassing traditional financial infrastructure.
The layered architecture of cryptocurrencies reveals that the difficulty of regulating them lies in their very design. The technology was deliberately built to function without the intermediaries on which existing regulatory frameworks depend. Applying those frameworks wholesale by treating all tokens as securities or all protocols as financial institutions will be untenable.
This does not mean that the cryptocurrency ecosystem lies beyond the reach of regulation. Rather, it suggests that the more productive question is not which layer to regulate, but which points within this ecosystem carry the greatest risk and are most amenable to oversight. Not every layer presents the same vulnerability or the same opportunity for regulatory intervention; some, like the base protocol, may be practically unregulatable, while others, such as custodial services or token issuance platforms, present identifiable actors and relatively clearer points of control. In some cases, existing frameworks may be adapted to reach these points; in others, the novelty of the technology may require wholly new regulatory constructs rather than an attempt to force these systems into categories built for a different era. Recognising this layered structure is an important step toward developing regulatory approaches that are both targeted and actually implementable.
In the articles that follow, we examine where such regulatory “chokepoints” may lie and explore how legal frameworks might be designed to engage with them.
Anirudh Krishnan, Anuraag Rajagopalan and Hasthisha S. Desikan are Advocates at the Madras High Court and AK Law Chambers.
Athif Ahmed and Reddy Pawan Kumar are Advocates at Hash Legal.